The previous SF questions I've seen have lead to answers that produce MD5 hashed password.
Does anyone have a suggestion on to produce an SHA-512 hashed password? I'd prefer a one liner instead of a script but, if a script is the only solution, that's fine as well.
Replacing previous py2 versions with this one:
python3 -c "import crypt;print(crypt.crypt(input('clear-text pw: '), crypt.mksalt(crypt.METHOD_SHA512)))"
Edit: Please note this answer is 10+ years old.
Here's a one liner:
python -c 'import crypt; print crypt.crypt("test", "$6$random_salt")'
Python 3.3+ includes mksalt in crypt, which makes it much easier (and more secure) to use:
python3 -c 'import crypt; print(crypt.crypt("test", crypt.mksalt(crypt.METHOD_SHA512)))'
If you don't provide an argument to crypt.mksalt (it could accept crypt.METHOD_CRYPT, ...MD5, SHA256, and SHA512), it will use the strongest available.
The ID of the hash (number after the first $) is related to the method used:
I'd recommend you look up what salts are and such and as per smallclamgers comment the difference between encryption and hashing.
Update 1: The string produced is suitable for shadow and kickstart scripts.
Update 2: Warning. If you are using a Mac, see the comment about using this in python on a mac where it doesn't seem to work as expected.
On macOS you should not use the versions above, because Python uses the system's version of crypt() which does not behave the same and uses insecure DES encryption. You can use this platform independent one liner (requires passlib – install with pip3 install passlib):
python3 -c 'import passlib.hash; print(passlib.hash.sha512_crypt.hash("test"))'
On Debian you can use mkpasswd to create passwords with different hashing algorithms suitable for /etc/shadow. It is included in the package whois (according to apt-file)
mkpasswd -m sha-512
mkpasswd -m md5
to get a list of available hashing algoritms type:
mkpasswd -m help
HTH
Using grub-crypt
Usage: grub-crypt [OPTION]...
Encrypt a password.
-h, --helpPrint this message and exit
-v, --version Print the version information and exit
--md5 Use MD5 to encrypt the password
--sha-256 Use SHA-256 to encrypt the password
**--sha-512 Use SHA-512 to encrypt the password (default)**
Here's a short C code to generate the SHA-512 password on various Unix type OSes.
File: passwd-sha512.c
#define _XOPEN_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
int main(int argc, char *argv[]) {
if ( argc < 3 || (int) strlen(argv[2]) > 16 ) {
printf("usage: %s password salt\n", argv[0]);
printf("--salt must not larger than 16 characters\n");
return;
}
char salt[21];
sprintf(salt, "$6$%s$", argv[2]);
printf("%s\n", crypt((char*) argv[1], (char*) salt));
return;
}
to compile:
/usr/bin/gcc -lcrypt -o passwd-sha512 passwd-sha512.c
usage:
passwd-sha512 <password> <salt (16 chars max)>
Surprising that no answer suggests the simple openssl passwd command with the -6 option. Maybe it wasn't available yet in 2011?
If you don't care providing the password on the command-line (risking it staying in the command history), then you can do:
openssl passwd -6 YourPassword
It will generate the salt, and output a line like this:
$6$/57kpVAA/kuPUtzV$Ugxo0RTL2uXCvU7WH43c1qn0quMy2ve.qiBYJPG75tFgTN8gI5Jp/FYPXFOzIsASqVTqM42kjN2805VYLHKzm1
With the stdin option, it can also read the password from STDIN (or a file), so you don't leave it behind in the history:
openssl passwd -6 -stdin
Why not perform the following check and modification to Centos/RHEL machines to ensure that all password hashing for /etc/shadow is done with sha512. Then you can just set your passworkd normally with the passwd command
#Set stronger password hasing
/usr/sbin/authconfig --test | grep sha512 > /dev/null
if [ $? -ne 0 ]; then
echo "Configuring sha512 password hashing"
sudo /usr/sbin/authconfig --enableshadow --passalgo=sha512 --updateall
fi
Here is a one-liner that uses shell commands to create a SHA-512 hashed password with a random salt:
[root@host] mkpasswd -m sha-512 MyPAsSwOrD $(openssl rand -base64 16 | tr -d '+=' | head -c 16)
Notes
Read the comment below to learn about security implications of this answer
For those of the Ruby mindset here is a one-liner:
'password'.crypt('$6$' + rand(36 ** 8).to_s(36))
All examples will be using SHA-512, <password> as password placeholder and <salt> as salt placeholder.
Note: mkpasswd binary is installed via the package whois on Debian / Ubuntu only. On other Linux distribution such as ArchLinux, Fedora, CentOS, openSUSE, etc. mkpasswd is provided by the expect package but is an totally different utility which is available as expect_mkpasswd on Debian / Ubuntu. whois of all other Linux distro doesn't include mkpasswd but the source (C lang) can be found on the original repository https://github.com/rfc1036/whois.
# With a random password and random salt
mkpasswd -m sha-512
# With a random random salt
mkpasswd -m sha-512 '<password>'
# Choosing both password and salt
mkpasswd -m sha-512 '<password>' '<salt>'
# Read password from stdin to avoid leaking it in shell command history
mkpasswd -m sha-512 --stdin
# With a random random salt
openssl passwd -6 '<password>'
# Choosing both password and salt
openssl passwd -6 --salt '<salt>' '<password>'
# Read password from stdin to avoid leaking it in shell command history
openssl passwd -6 -stdin
openssl passwd -6
# With a random password and random salt
ruby -e 'require "securerandom"; puts SecureRandom.alphanumeric(20).crypt("$6$" + rand(36 ** 8).to_s(36))'
# With a random random salt
ruby -e 'puts "<password>".crypt("$6$" + rand(36 ** 8).to_s(36))'
# Choosing both password and salt
ruby -e 'puts "<password>".crypt("$6$<salt>")'
# Read password from stdin to avoid leaking it in shell command history
ruby -e 'require "io/console"; puts IO::console.getpass.crypt("$6$" + rand(36 ** 8).to_s(36))'
Note: for those who complains that Random#rand is a PRNG, you can use the secure SecureRandom#rand but it's not very important is rand is used only to generate the salt which is publicly available in the hash at the end.
ruby -e 'require "securerandom"; puts "<password>".crypt("$6$" + SecureRandom.rand(36 ** 8).to_s(36))'
# Choosing both password and salt
perl -le 'print crypt "<password>", "\$6\$<salt>\$"'
Requires Python >= 3.3
# With a random random salt
python -c 'import crypt; print(crypt.crypt("<password>", crypt.mksalt(crypt.METHOD_SHA512)))'
# Choosing both password and salt
python -c 'import crypt; print(crypt.crypt("<password>", "$6$<salt>"))'
# Read password from stdin to avoid leaking it in shell command history
python -c 'import crypt,getpass; print(crypt.crypt(getpass.getpass(), crypt.mksalt(crypt.METHOD_SHA512)))
Note: The grub package doesn't include grub-crypt in many distros.
# With a random random salt
# Read password from stdin to avoid leaking it in shell command history
grub-crypt --sha-512
This script worked for me on Ubuntu 12.04 LTS: https://gist.github.com/JensRantil/ac691a4854a4f6cb4bd9
#!/bin/bash
read -p "Enter username: " username
read -s -p "Enter password: " mypassword
echo
echo -n $username:$mypassword | chpasswd -S -c SHA512
It has the following features which some of the other alternatives lack:
After the Customer changes the password, you can copy the encrypted password from /etc/shadow to the kickstart file. How to do it:
export CRYPTED_PASSWORD=$(grep root /etc/shadow | cut –d ”:” –f 2)
echo "s;rootpw -–iscrypted .*;rootpw –-iscrypted $CRYPTED_PASSWORD;" > sed_script
sed –i –f sed_script template.ks
I saw the note from @chris about crypt not being ideal for this, and that it doesn't support PBKDF2. Well since Python 3.4 hashlib does contain a PBKDF2 HMAC function:
import os
import hashlib
import base64
salt = base64.b64encode(os.urandom(12))
password = base64.b64encode(hashlib.pbkdf2_hmac('sha512', bytes(passin, 'UTF-8'), salt, 200000, 64))
print(f"$6${salt.decode('UTF-8')}${password.decode('UTF-8')})"
I'm by far no cryptographical expert so I don't know the validity of crypt not being appropriate for this. And this method comes with a warning from the manpages:
Deprecated since version 3.10: Slow Python implementation of pbkdf2_hmac is deprecated. In the future the function will only be available when Python is compiled with OpenSSL.
As stated by the hashlib man page tho, I tried to set an appropriate iteration count of 200'000: NIST-SP-800-132 and stackexchange pbkdf2 iterations question.
HASH algos are for producing MESSAGE digests, they are never suitable for passwords, which should use some kind of HKDF ( http://tools.ietf.org/rfc/rfc5869.txt ) - see PBKDF2 or BCrypt
#!/usr/bin/env python
import getpass
from passlib.hash import sha512_crypt
if __name__ == "__main__":
passwd = getpass.getpass('Password to hash: ')
hash = sha512_crypt.encrypt(passwd)
print hash
You can clone it from my github repo if you want: https://github.com/antoncohen/mksha
Its not a one liner, but it might help someone:
import crypt, getpass, pwd, string, sys, random
randomsalt = ""
password = getpass.getpass()
choices = string.ascii_uppercase + string.digits + string.ascii_lowercase
for _ in range(0,8):
randomsalt += random.choice(choices)
print crypt.crypt(password, '$6$%s$' % randomsalt)
$ htpasswd -c /tmp/my_hash user1
New password:
Re-type new password:
Adding password for user user1
$ cat /tmp/my_hash
user1:$apr1$oj1ypcQz$4.6lFVtKz2nr8acsQ8hD30
Obviously, you just grab the 2nd field, and can delete the file once you're added it to shadow or for use with sudo (still most likely shadow).
Take a look at the man page for crypt (3) and I think that you will find that the crypt tool has been updated to use glibc and sha256 ($5) and sha512 ($6) , multiple rounds, much larger salt, and so on.
Clearly SHA512 is relevant to how /etc/shadow works.
That said, this web page was very helpful - in particular the MKPASSWD , as this solved MY problem.
Given a potentially "lost" password, I can use MKPASSWD and the salt, to generate the SHA512 hash, and confirm/deny a list of candidate passwords.
I would use John the ripper - but at least on my hardware (Raspberry Pi) and my budget (nothing) - John can't do it (it does not seem to support the advanced crypt/glibc stuff in the raspbian free version.
Mind you, since I have enough permission to read/write /etc/shadow, I COULD just overwrite the hash, and get on with life... this is an academic exercise.
NOTES Glibc notes The glibc2 version of this function supports additional encryp‐ tion algorithms.
If salt is a character string starting with the characters
"$id$" followed by a string terminated by "$":
$id$salt$encrypted
then instead of using the DES machine, id identifies the encryp‐
tion method used and this then determines how the rest of the
password string is interpreted. The following values of id are
supported:
ID | Method
─────────────────────────────────────────────────────────
1 | MD5
2a | Blowfish (not in mainline glibc; added in some
| Linux distributions)
5 | SHA-256 (since glibc 2.7)
6 | SHA-512 (since glibc 2.7)
So $5$salt$encrypted is an SHA-256 encoded password and
$6$salt$encrypted is an SHA-512 encoded one.
If you need an alternative to one-liners written in perl/python, mkpasswd is a good match. While it is included in the Debian whois package, it is missing on CentOS/RHEL systems. I've modified the Debian version of mkpasswd and included a stronger salt generation mechanism based on OpenSSL. The resulting binary fully preserves all Debian's version command line parameters. The code is avaiable on github and should compile on any Linux flavor: mkpasswd
I'm not sure how SHA-512 is related to /etc/shadow. These passwords are crypted.
But if you want a password hashed with SHA-512 you can do this by echo -n the_password | sha512sum. You can't use the output for /etc/shadow.
